Security

Apple likely took down iCloud Activation Lock to stop hacks relying on stolen serial numbers

Christian Zibreg ∙ January 31, 2017

As we reported, Apple recently took down its tremendously useful Activation Lock webpage for reasons unknown. The theft-deterrent tool allowed legitimate iOS device owners and just about anyone else to check the status of the Activation Lock feature by entering a serial number. Apple provided no explanation for the removal, but all checks point to it being a precautionary measure meant to prevent hacks relying on stolen serial numbers, as a reader pointed out in comments.

For reasons unknown, Apple takes down theft-deterrent Activation Lock web tool

Christian Zibreg ∙ January 29, 2017

Apple recently took down its web tool for checking if a used iPhone, iPad, iPod touch or Apple Watch was stolen. The firm gave no explanation for the move.

The link to the Activation Lock webpage no longer works and the support document detailing the feature does not contain any reference to the web tool as of January 24. It was unclear at post time if a new version of the tool might be returning in the future in one form or another.

How to remove your credit card information from your iPhone

Anthony Bouchard ∙ Updated January 30, 2024

In this tutorial, we'll show you how you can remove your credit card or other payment method information from Safari, Apple ID, and Apple Pay on your iPhone or iPad.

Malwarebytes reports first case of Mac malware for 2017, points out antiquated tactics

Anthony Bouchard ∙ January 19, 2017

Security software development firm Malwarebytes has just exposed what could be the first known case of Mac malware for the year of 2017.

It appears to be a highly antiquated piece of malware. In other words, it’s not super advanced and it’s using methods to infect machines that are so well-known that only a small number of unsuspecting users would even fall victim to it.

WhatsApp has a backdoor that allows snooping on end-to-end encrypted messages [updated]

Christian Zibreg ∙ January 13, 2017

In 2016, WhatsApp finally enabled complete end-to-end encryption for both chats and video calls to ensure that no one but the intended recipient can decipher contents of their communications. Unfortunately, it's come to light that WhatsApp's system has been plagued by a major vulnerability which was discovered by Tobias Boelter, a cryptography and security researcher at the University of California, Berkeley.

In an interview with the British newspaper The Guardian, Boelter said the backdoor could let Facebook read end-to-end encrypted content, meaning the social network could be complied with court orders to make decrypted messages available to law enforcement and other government agencies

UPDATE: We've received a response from WhatsApp regarding the alleged backdoor.

Chrome 56 adds support for FLAC codec, “Not Secure” HTTP warning, web Bluetooth & more

Christian Zibreg ∙ January 13, 2017

Chrome 56 for Mac and other platforms has entered Google's beta channel. When released to the general public, the browser will bring native support for the FLAC audio codec within the browser and other perks. This should come in handy because macOS does not support the FLAC file format out of the box so users often must use a third-party converter or video player to play these files. With Chrome 56, Mac users will be able to play FLAC-encoded audio files embedded in web pages or local files drag and dropped onto the browser window.

How to check if your Mac supports Auto Unlock

Christian Zibreg ∙ Updated April 25, 2023

macOS Sierra debuted a new feature called Auto Unlock that lets you get into your Mac without typing your account password simply by wearing a passcode-protected Apple Watch. With Auto Unlock, you just wake up your Mac and if it senses you're nearby and wearing your watch, it'll log you in automatically. Yes, it just works!

Auto Unlock imposes certain hardware pre-requisites in terms of modern Bluetooth and Wi-Fi chipsets. Here's how you can quickly check if your Mac supports Auto Unlock.

Here’s everything Cellebrite’s forensic tool can extract from iPhones

Christian Zibreg ∙ December 23, 2016

Documents uncovered by ZDNet have revealed the true scope of technology from Israeli developer Cellebrite Mobile Synchronization, which specializes in smartphone data extraction, transfer and analysis.

The leaked documents show just how much private data its smartphone forensic tool UFED, used by law enforcement, is capable of extracting from iPhones.

In a single data-extraction session, investigators were able to collect a huge array of personal data from an iPhone 5 like messages, phone calls, voicemails, images and more, including some deleted content. UFED can pull similar data from other phones, too, including Wi-Fi hotspots and cellular towers the device's was connected to.

Turkish police wants Apple to unlock Russian ambassador killer’s iPhone 4s

Christian Zibreg ∙ December 22, 2016

Andrei Karlov, the ambassador to Turkey, was killed while giving a speech at an art gallery in Ankara three days ago by 22-year-old off-duty police officer Mevlut Mert Altintas. According to MacReports, Turkish police approached Apple about unlocking an iPhone 4s that was recovered from the shooter.

The device is locked with a 4-digit passcode, but it's unclear if it runs iOS 8.0+ or one of the earlier iOS editions that don't enforce full disk encryption.

How to log out of all active Facebook sessions from your iPhone

Anthony Bouchard ∙ Updated March 24, 2020

If you have a Facebook account, then chances are you access it on more than one device. You might forget from time to time to sign out of sessions on other machines you don't intend to use again, such as those in schools or at the workplace, potentially handing over access to your Facebook account to the next person(s) who uses the machine.

Facebook fortunately comes with a feature that lets you sign out of all active sessions on your account with just a few taps. We'll show you how you can do this in this tutorial.

How to use the on-demand VPN feature on your iPhone or iPad

Anthony Bouchard ∙ Updated June 15, 2018

Depending on the VPN you’re using, your iPhone or iPad might be able to take advantage of a feature called VPN on demand (VPoD).

Essentially what this does is it connects you to your VPN automatically when it’s needed so you don’t have to toggle it on manually before accessing the internet from your device. As a result, you can have peace of mind because your information is protected once you begin using the internet.

macOS Sierra 10.12.2 fixed vulnerability that let attackers obtain disk encryption password

Christian Zibreg ∙ December 19, 2016

Last week's macOS Sierra 10.12.2 software update squashed a number of bugs and patched a few newly discovered vulnerabilities, among them one that allowed an attacker to obtain your FileVault disk encryption password by plugging in a $300 Thunderbolt device into a locked or sleeping Mac.

As detailed by security researcher Ulf Frisk, attackers must have physical access to your Mac in order to exploit the vulnerability. The obtained password may be used to unlock your Mac's disk and access everything on it.